How to handle user data on the Android platform

Original author: Nick Kralevich
  • Translation
With the increasing use of mobile applications, people are paying more and more attention to how these applications use their data. Although the Android platform has a permission system designed to protect users, application developers are responsible for how they handle user data. It is important that developers understand what code they are linking into their applications and carefully consider the permissions they request, because misuse of user data costs an application the trust of its users.
Building a robust and trustworthy ecosystem is a priority for every Android developer.
Let's look at a few points for writing a trustworthy application:
1. Use a privacy policy
2. Minimize the number of requested permissions
3. Give your users a choice when collecting information
4. Do not collect unnecessary information
5. Do not send any user information from the device
6. ... however, if it is really necessary, use encryption and minimize the amount of information transmitted
7. Do not use code that you do not know
8. Do not log device- or user-specific information

Use a privacy policy
A trusted application is open about what data it collects and why. Users generally agree to share information with such applications if they get some benefit from it. A simple and clear privacy policy, stating what data is collected and how it is used, ultimately builds trust in the application.

Minimize the number of requested permissions
Android is unique among mobile platforms in that it provides a simple and understandable permission model. Every application for the Android platform must declare the permissions it needs to work, and the user must agree to grant these permissions before the application is installed. Users are inclined to distrust applications that request excessive permissions.


Give your users a choice when collecting information
This is called the privacy paradox [PDF, 890K]. Users often share information gladly, but they want to control the process. A trusted application gives users control over their data. For example, the Android Browser has privacy settings that let users decide what information they want to share.

Do not collect unnecessary information
A trusted application limits the categories of information it collects. Collecting unnecessary information, especially information you never use, raises suspicion. When in doubt, do not collect it.

Do not send any user information from the device

If you need user information, try to make sure that it remains within the device. Users will feel safe, knowing that their private information will not leave the phone. Sending data from the phone, even if it is done for the benefit of the user, leads to suspicion.

... however, if it is really necessary, use encryption and minimize the amount of information transmitted.
Sometimes access to user data is simply necessary. In that case the application must make sure the data is handled securely. A privacy policy spares users unnecessary surprises; in some cases it is advisable to ask users directly before transferring data off the device.
First of all, minimize the information you collect. Do you really need the full phone number, or will the area code suffice? Can you apply a one-way hash to the information before it leaves the device in order to protect user data?

Example: Favorites
Suppose your application wants to keep a favorites list for each user without putting them through a full registration process. In theory you could do this by sending some combination of their phone number, device ID, or SIM card ID to the server. But why give people reason to worry about privacy? Why not send a hash of one of those values instead? Better still, create a random identifier, store it on the phone, and use that unique key when registering with your service.
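The random-identifier option from the example above, written out as an added illustration (this code is not from the original article or from the Android project). It assumes a preference file named `favorites_prefs` and a key `install_id`; both names are hypothetical.

```java
import android.content.Context;
import android.content.SharedPreferences;
import java.util.UUID;

/**
 * Hypothetical helper: an anonymous per-install identifier for the favorites feature.
 * The server learns only "this is the same install as before", nothing about the
 * person or the hardware.
 */
public final class InstallId {
    private static final String PREFS = "favorites_prefs";     // assumed preference file name
    private static final String KEY_INSTALL_ID = "install_id"; // assumed key

    private InstallId() {}

    /**
     * Returns a random identifier generated on first use and kept in app-private storage.
     * It is not derived from the phone number, IMEI or SIM serial, so it cannot be
     * reversed or correlated with other apps' data.
     */
    public static synchronized String get(Context context) {
        SharedPreferences prefs =
                context.getSharedPreferences(PREFS, Context.MODE_PRIVATE);
        String id = prefs.getString(KEY_INSTALL_ID, null);
        if (id == null) {
            // UUID.randomUUID() is backed by SecureRandom, so the value is unguessable.
            id = UUID.randomUUID().toString();
            prefs.edit().putString(KEY_INSTALL_ID, id).apply();
        }
        return id;
    }

    /** Wired to a "reset favorites" action: a fresh key unlinks any data kept server-side. */
    public static synchronized void reset(Context context) {
        context.getSharedPreferences(PREFS, Context.MODE_PRIVATE)
                .edit().remove(KEY_INSTALL_ID).apply();
    }
}
```

Two design points are worth noting. A one-way hash of a phone number or IMEI is weaker than it looks: those values come from a small, structured space, so anyone holding the hash can recover the original by trying candidates. A random identifier has no such weakness. Second, because the key lives only in app-private storage, clearing the app's data (or calling `reset`) severs the link to whatever the server holds, which is exactly the control users expect.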


Secondly, encryption is critical for secure data handling. Phones are often used on untrusted networks where attackers can intercept confidential traffic. Encrypting data in transit is essential to protecting user information.
Finally, when communicating with a server over HTTP, do not put user information in the URL of an HTTP GET request; use POST and send it in the message body instead. POST does not guarantee that the information will not be intercepted, but placing it in the URL increases the likelihood: by default, most web servers log every URL they receive.
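An added example (not from the original article or the Android project) that combines the three points above: the upload runs only if the user has opted in, goes over HTTPS so the body is encrypted in transit, and carries the data in a POST body rather than in the URL. The endpoint `https://example.com/api/favorites`, the preference file `favorites_prefs` and the opt-in key `sync_opt_in` are assumed placeholders.

```java
import android.content.Context;
import android.content.SharedPreferences;
import java.io.IOException;
import java.io.OutputStream;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.net.ssl.HttpsURLConnection;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/** Hypothetical uploader for the favorites list. Call it from a background thread. */
public final class FavoritesSync {
    // Assumed endpoint. The https scheme is what gives us encryption in transit.
    private static final String ENDPOINT = "https://example.com/api/favorites";
    private static final String PREFS = "favorites_prefs";  // assumed preference file name
    private static final String KEY_OPT_IN = "sync_opt_in"; // assumed key, set from a settings screen

    private FavoritesSync() {}

    /**
     * Sends the favorites list keyed by the anonymous install id.
     * Returns false, without touching the network, unless the user has opted in.
     */
    public static boolean upload(Context context, String installId, String[] favorites)
            throws IOException {
        SharedPreferences prefs = context.getSharedPreferences(PREFS, Context.MODE_PRIVATE);
        if (!prefs.getBoolean(KEY_OPT_IN, false)) {
            return false; // user has not chosen to share; nothing leaves the device
        }

        // Everything user-related goes into the body, never into the query string,
        // so it does not end up in server access logs or proxy caches.
        JSONObject body = new JSONObject();
        try {
            body.put("id", installId);
            body.put("favorites", new JSONArray(Arrays.asList(favorites)));
        } catch (JSONException e) {
            throw new IOException("could not build request body", e);
        }
        byte[] payload = body.toString().getBytes(StandardCharsets.UTF_8);

        // The cast fails fast if ENDPOINT were ever changed to plain http.
        HttpsURLConnection conn = (HttpsURLConnection) new URL(ENDPOINT).openConnection();
        try {
            conn.setRequestMethod("POST");
            conn.setDoOutput(true);
            conn.setRequestProperty("Content-Type", "application/json; charset=utf-8");
            conn.setFixedLengthStreamingMode(payload.length);
            try (OutputStream out = conn.getOutputStream()) {
                out.write(payload);
            }
            return conn.getResponseCode() == HttpsURLConnection.HTTP_OK;
        } finally {
            conn.disconnect();
        }
    }
}
```

The request URL stays constant (`/api/favorites`), so even a server that logs every URL records nothing about the user. `HttpsURLConnection` validates the server certificate against the device trust store by default; the example deliberately leaves that check in place rather than installing a permissive `TrustManager`.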

Do not use code that you do not understand.
Since Android is an open operating system, relying on third-party code in the form of libraries and frameworks has become a popular (and good) practice. But if that code handles user data incorrectly, it becomes your problem. Review the code before you start using it.

Do not log device- or user-specific information.
Application developers should be careful about the logs they write on the device. Android makes writing to the system log easy, and anyone who has looked at the output of "logcat" knows it is full of important, but largely random, debugging information from many applications. On Android the log is a shared resource, readable by any application holding the READ_LOGS permission (granted by the user, of course!). Even though log data is temporary and is discarded on reboot, careless logging can leak information to other applications.
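An added example (not from the original article or the Android project) of a small logging wrapper that keeps identifiers out of the shared log. It assumes the app's generated `BuildConfig.DEBUG` constant is visible from the class's package; the tag name `Favorites` is a placeholder.

```java
import android.util.Log;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

/** Hypothetical logging helper: debug detail stays in debug builds, identifiers never appear. */
public final class SafeLog {
    private static final String TAG = "Favorites";          // assumed log tag
    // Assumed: the app's generated BuildConfig class, where DEBUG is false in release builds.
    private static final boolean VERBOSE = BuildConfig.DEBUG;

    // Fresh random salt per process, so tokens correlate within one run but mean
    // nothing in a log captured from another device or after a restart.
    private static final byte[] SESSION_SALT = new byte[16];
    static {
        new SecureRandom().nextBytes(SESSION_SALT);
    }

    private SafeLog() {}

    /** Debug chatter: compiled in, emitted only when the build is a debug build. */
    public static void d(String msg) {
        if (VERBOSE) {
            Log.d(TAG, msg);
        }
    }

    /** Operational events that may ship in release; callers must pass no raw identifiers. */
    public static void i(String event) {
        Log.i(TAG, event);
    }

    /**
     * Replaces an identifier (install id, phone number, account name) with a short
     * salted-hash token. The same input gives the same token during this run, which is
     * all that debugging needs, while the log reveals nothing about the value itself.
     */
    public static String token(String identifier) {
        if (identifier == null) {
            return "id:null";
        }
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            md.update(SESSION_SALT);
            byte[] digest = md.digest(identifier.getBytes(StandardCharsets.UTF_8));
            StringBuilder sb = new StringBuilder("id:");
            for (int i = 0; i < 4; i++) {               // 32 bits is plenty for eyeballing
                sb.append(String.format("%02x", digest[i] & 0xff));
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            return "id:?";                              // SHA-256 is always present on Android
        }
    }
}
```

The difference in practice: `Log.d(TAG, "syncing for " + phoneNumber)` puts the phone number into a buffer every READ_LOGS holder can read, whereas `SafeLog.d("syncing for " + SafeLog.token(installId))` records only a throwaway token, and only in debug builds. Because the salt is regenerated each time the process starts, tokens cannot be joined across sessions or across reports from different users.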
